思科无线控制器 AC5508 初始化
1. 物理连接
首次接触到思科无线控制器5508的时候以为下边图片上的 SP 是交换端口,RP是路由端口。初始化配置管理端口后无法登录,后才仔细研究了一下各个端口的作用。
SP
Service port 服务端是控制器的带外管理接口。通过控制台接口初始化控制器,为服务端口配置 IP 地址后,可远程操控控制器。
RP
Redundancy Port 在5500/7500/8500系列无线控制器上有一个专用的冗余端口作背靠背连接,用来同步从主无线控制器到备无线控制器上的配置。控制器每 100 毫秒通过 RP 端口发一次 UDP 心跳报文,实时监控对端设备状态。
2. 恢复出厂配置
1)在命令行下输入 clear config,并输入 Y 确认。
(Cisco Controller) >clear config
Are you sure you want to clear the configuration? (y/n) y
Writing to flash ...done
Configuration Cleared!
2)输入 reset system,并输入 N 确认不需要保存配置文件就重新启动系统。
3)系统重新启动后将会重新进入初始配置界面。
3. 初始化
1)重启系统(忘记超级用户密码,使用电源按钮重新启动系统)。
(Cisco Controller) >reset system // 控制台界面输入 Reset System
Are you sure you would like to reset the system? (y/N)
System will now restart! Creating license client restartability threadExit Called
Switchdrvr exited!
Restarting system.
.....
2)当系统重启完成后,要求用户输入管理用户名时,输入 recover-config,将会把控制器恢复到出厂状态。
Enter User Name (or 'Recover-Config' this one-time only to reset configuration to factory defaults)
User: recover-config // 要求用户输入管理用户名时,输入 recover-config
Enter Administrative User Name (24 characters max): admin //设置用户名,密码
Enter Administrative Password (3 to 24 characters): ***********
Re-enter Administrative Password : ***********
Service Interface IP Address Configuration [static][DHCP]: static //静态配置带外管理地址
Service Interface IP Address: 192.10.10.1
Service Interface Netmask: 255.255.255.0
Enable Link Aggregation (LAG) [yes][NO]: NO
Management Interface IP Address: 192.168.118.1 //静态配置带内管理地址
Management Interface Netmask: management:255.255.255.0
Management Interface Default Router: 192.168.118.254
Management Interface VLAN Identifier (0 = untagged): 0
Management Interface DHCP Server IP Address: 192.168.118.254
Enable HA [yes][NO]: NO
Virtual Gateway IP Address: 1.1.1.1 //随便配置一个地址
Mobility/RF Group Name: Test //三层漫游使用的组名
Network Name (SSID): Test //配置SSID
Configure DHCP Bridging Mode [yes][NO]: No
Allow Static IP Addresses [YES][no]: no
Configure a RADIUS Server now? [YES][no]: no
Enter Country Code list (enter 'help' for a list of countries) [US]: CN
Enable 802.11b Network [YES][no]: yes
Enable 802.11a Network [YES][no]: yes
Enable 802.11g Network [YES][no]: yes
Enable Auto-RF [YES][no]: yes
Configure a NTP server now? [YES][no]: no
Configure the system time now? [YES][no]: yes
Enter the date in MM/DD/YY format: 10/01/23
Enter the time in HH:MM:SS format: 10 3:04 5:00
Would you like to configure IPv6 parameters[YES][no]: no
Configuration correct? If yes, system will save it and reset. [yes][NO]: yes3)检查配置
(Cisco Controller) >show network summary
RF-Network Name............................. Test
DNS Server IP...............................
Web Mode.................................... Disable
Secure Web Mode............................. Enable
Secure Web Mode Cipher-Option High.......... Disable
Secure Web Mode Cipher-Option SSLv2......... Disable
Secure Web Mode RC4 Cipher Preference....... Disable
Secure Web Mode SSL Protocol................ Disable
OCSP........................................ Disabled
OCSP responder URL..........................
Secure Shell (ssh).......................... Enable
Secure Shell (ssh) Cipher-Option High....... Disable
Telnet...................................... Disable
Ethernet Multicast Forwarding............... Disable
Ethernet Broadcast Forwarding............... Disable
IPv4 AP Multicast/Broadcast Mode............ Unicast
IPv6 AP Multicast/Broadcast Mode............ Unicast
IGMP snooping............................... Disabled
IGMP timeout................................ 60 seconds
IGMP Query Interval......................... 20 seconds
MLD snooping................................ Disabled
MLD timeout................................. 60 seconds
MLD query interval.......................... 20 seconds
User Idle Timeout........................... 300 seconds
ARP Idle Timeout............................ 300 seconds
Cisco AP Default Master..................... Disable
AP Join Priority............................ Disable
Mgmt Via Wireless Interface................. Disable
Mgmt Via Dynamic Interface.................. Disable
Bridge MAC filter Config.................... Enable
Bridge Security Mode........................ EAP
Mesh Full Sector DFS........................ Enable
Mesh Backhaul RRM........................... Disable
AP Fallback ................................ Enable
Web Auth CMCC Support ...................... Disabled
Web Auth Redirect Ports .................... 80
Web Auth Proxy Redirect ................... Disable
Web Auth Captive-Bypass .................. Disable
Web Auth Secure Web ....................... Enable
Web Auth Secure Redirection ............... Disable
Fast SSID Change ........................... Disabled
AP Discovery - NAT IP Only ................. Enabled
IP/MAC Addr Binding Check .................. Enabled
Link Local Bridging Status ................. Disabled
CCX-lite status ............................ Disable
oeap-600 dual-rlan-ports ................... Disable
oeap-600 local-network ..................... Enable
oeap-600 Split Tunneling (Printers)......... Disable
WebPortal Online Client .................... 0
WebPortal NTF_LOGOUT Client ................ 0
mDNS snooping............................... Disabled
mDNS Query Interval......................... 15 minutes
Web Color Theme............................. Default
Capwap Prefer Mode.......................... IPv4
Network Profile............................. Disabled
Client ip conflict detection (DHCP) ........ Disabled
Mesh BH RRM ................................ Disable
Mesh Aggressive DCA......................... Disable
Mesh Auto RF................................ Disable
HTTP Profiling Port......................... 80